[ubuntu-uk] OT: Debian apache2 problem

Sat Sep 13 20:12:56 BST 2008

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jake Bunce wrote:
| Maybe this would help?
|
http://forums.theplanet.com/index.php?s=5cc3be1abd916a5963f58dba23aadb28&showtopic=90598&pid=597326&st=0&#entry597326

|
<http://forums.theplanet.com/index.php?s=5cc3be1abd916a5963f58dba23aadb28&showtopic=90598&pid=597326&st=0&#entry597326>
|
No, it didn't help. I'm currently using the default settings on apache
for that.

The servers' now got 149 open requests, though netstat doesn't show
anything significant :(

Most of the open connections are getting the /feed/ directory...

Johnathon

| Jake
|
| 2008/9/12 Johnathon Tinsley <kirrus at kirrus.co.uk
| <mailto:kirrus at kirrus.co.uk>>
|
| Hi Jake,
|
| Jake Bunce wrote:
| | Are you using static NAT, i.e 1-1, 80.87.131.49
| <http://80.87.131.49> <http://80.87.131.49> -
| | 10.10.10.1 <http://10.10.10.1> <http://10.10.10.1> or whatever
| your internal IP is and can
|
| | it handle the amount of translations its performing? Also if you're
| | behind a shared firewall, can it handle the amount of traffic passing
| | through it? Check your firewall/iptables logs where connections are
| | initialized, but not followed through - TCP SYN messages from
| different
| | hosts but no SYN/ACK - SYN. Could indicate a DDoS attack. I had no
| | trouble viewing your site though.
| |
|
| Currently, I have no firewall - the traffic is only running through the
| routers, and no NAT. I keep meaning to load up a firewall at some point,
| but I'm not sure enough of shorewall's configuration to actually turn it
| on. (Locking yourself out is bad).
|
| Apache is running on almost-default config, with a couple of tweaks for
| .htaccess files.
|
| The box now has 13 open connections, four of which are in CLOSE_WAIT
| state.. (netstat -nt)
|
| There's nothing showing up in the error or access logs :S
|
|
|
| | Jake
| |
| | 2008/9/12 Johnathon Tinsley <kirrus at kirrus.co.uk
| <mailto:kirrus at kirrus.co.uk>
| | <mailto:kirrus at kirrus.co.uk <mailto:kirrus at kirrus.co.uk>>>
|
| |
| | Hello all,
| |
| | Slightly off topic.. I'm working on a debian server, which is
| currently
| | hosting my blog: kirrus.co.uk <http://kirrus.co.uk>
| <http://kirrus.co.uk>
|
| |
| | Unfortunately, something appears to be screwy with apache2 or
| something
| | - connections aren't being closed, and are just backing up.
| |
| | You can see this in action, if you visit the blog. Sometimes it just
| | doesn't hand you all the data, and firefox sits waiting for data from
| | "kirrus.co.uk <http://kirrus.co.uk> <http://kirrus.co.uk>".
|
| |
| | Apache just spawns server processes, till the RAM runs out. Then the
| | kernel starts killing processes and it doesn't appear to kill the
| | logical choice of apache2.
| |
| | I've tried pinging one of the other servers in the network, to see if
| | its obviously a network problem. Out of over 20,000 pings, only 4
| | weren't replied to. Is there any better way to check the network
| | infrastructure?
| |
| | Anyone have any other ideas of things to try?
| |
| | Johnathon
| |
|
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIzBC481bUwCB/xdgRAjxpAKDK2sjTsp25spuVgDIKo6jchYvbWACghJvL
oTz0HQvDzAq6ZhmZeMJk5UY=
=A1MX
-----END PGP SIGNATURE-----